Re: [edk2-devel] [PATCH 3/4] OvmfPkg: rework TPM configuration

Stefan Berger Thu, 21 Oct 2021 08:45:11 -0700


On 10/21/21 8:20 AM, Gerd Hoffmann wrote:

Rename TPM_ENABLE to TPM2_ENABLE and TPM_CONFIG_ENABLE to
TPM2_CONFIG_ENABLE so they are in line with the ArmVirtPkg
config option names.

Add separate TPM1_ENABLE option for TPM 1.2 support.

I tested this on Fedora and attached a TPM 1.2 to the VM after a build**without** TPM1_ENABLE. When I run this here inside the VM


cat /sys/devices/pnp0/00\:04/prcs

I get measurements in PCRs 0-9 hinting that the TPM 1.2 support isn'tentirely disabled but somehow it's still measuring into thosefirmware-related PCRs. It is due to this here:


diff --git a/OvmfPkg/OvmfTpmDefines.dsc.inc b/OvmfPkg/OvmfTpmDefines.dsc.inc
index 51da7508b307..de55cbdcf852 100644
--- a/OvmfPkg/OvmfTpmDefines.dsc.inc
+++ b/OvmfPkg/OvmfTpmDefines.dsc.inc
@@ -2,5 +2,8 @@
 #    SPDX-License-Identifier: BSD-2-Clause-Patent
 ##

- DEFINE TPM_ENABLE = FALSE

-  DEFINE TPM_CONFIG_ENABLE       = FALSE
+  DEFINE TPM2_ENABLE             = FALSE
+  DEFINE TPM2_CONFIG_ENABLE      = FALSE
+
+  # has no effect unless TPM2_ENABLE == TRUE
+  DEFINE TPM1_ENABLE             = TRUE

If you set this to FALSE then it removes TPM 1.2 support if TPM1_ENABLEis not passed.


  Stefan


Signed-off-by: Gerd Hoffmann <kra...@redhat.com>
---
  OvmfPkg/OvmfTpmComponentsDxe.dsc.inc                  | 6 ++++--
  OvmfPkg/OvmfTpmComponentsPei.dsc.inc                  | 6 +++++-
  OvmfPkg/OvmfTpmDefines.dsc.inc                        | 7 +++++--
  OvmfPkg/OvmfTpmLibs.dsc.inc                           | 4 +++-
  OvmfPkg/OvmfTpmLibsDxe.dsc.inc                        | 4 +++-
  OvmfPkg/OvmfTpmLibsPeim.dsc.inc                       | 4 +++-
  OvmfPkg/OvmfTpmPcds.dsc.inc                           | 2 +-
  OvmfPkg/OvmfTpmPcdsHii.dsc.inc                        | 2 +-
  OvmfPkg/OvmfTpmSecurityStub.dsc.inc                   | 4 +++-
  OvmfPkg/OvmfTpmDxe.fdf.inc                            | 6 ++++--
  OvmfPkg/OvmfTpmPei.fdf.inc                            | 6 +++++-
  OvmfPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml    | 6 +++---
  OvmfPkg/PlatformCI/.azurepipelines/Windows-VS2019.yml | 6 +++---
  OvmfPkg/PlatformCI/ReadMe.md                          | 2 +-
  14 files changed, 44 insertions(+), 21 deletions(-)

diff --git a/OvmfPkg/OvmfTpmComponentsDxe.dsc.inc 
b/OvmfPkg/OvmfTpmComponentsDxe.dsc.inc
index d5c2586118f1..6806eb245e2b 100644
--- a/OvmfPkg/OvmfTpmComponentsDxe.dsc.inc
+++ b/OvmfPkg/OvmfTpmComponentsDxe.dsc.inc
@@ -2,7 +2,7 @@
  #    SPDX-License-Identifier: BSD-2-Clause-Patent
  ##

-!if $(TPM_ENABLE) == TRUE

+!if $(TPM2_ENABLE) == TRUE
    SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf {
      <LibraryClasses>
        
Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf
@@ -14,13 +14,15 @@
        NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
        NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf
    }
-!if $(TPM_CONFIG_ENABLE) == TRUE
+!if $(TPM2_CONFIG_ENABLE) == TRUE
    SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
  !endif
+!if $(TPM1_ENABLE) == TRUE
    SecurityPkg/Tcg/TcgDxe/TcgDxe.inf {
      <LibraryClasses>
        
Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf
    }
+!endif
    SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf {
      <LibraryClasses>
        
TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf
diff --git a/OvmfPkg/OvmfTpmComponentsPei.dsc.inc 
b/OvmfPkg/OvmfTpmComponentsPei.dsc.inc
index b5dc20c4858c..94bc124f9b78 100644
--- a/OvmfPkg/OvmfTpmComponentsPei.dsc.inc
+++ b/OvmfPkg/OvmfTpmComponentsPei.dsc.inc
@@ -2,10 +2,14 @@
  #    SPDX-License-Identifier: BSD-2-Clause-Patent
  ##

-!if $(TPM_ENABLE) == TRUE

+!if $(TPM2_ENABLE) == TRUE
    OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf
+!if $(TPM1_ENABLE) == TRUE
    OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPeiCompat12.inf
    SecurityPkg/Tcg/TcgPei/TcgPei.inf
+!else
+  OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf
+!endif
    SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf {
      <LibraryClasses>
        
HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf
diff --git a/OvmfPkg/OvmfTpmDefines.dsc.inc b/OvmfPkg/OvmfTpmDefines.dsc.inc
index 51da7508b307..de55cbdcf852 100644
--- a/OvmfPkg/OvmfTpmDefines.dsc.inc
+++ b/OvmfPkg/OvmfTpmDefines.dsc.inc
@@ -2,5 +2,8 @@
  #    SPDX-License-Identifier: BSD-2-Clause-Patent
  ##

- DEFINE TPM_ENABLE = FALSE

-  DEFINE TPM_CONFIG_ENABLE       = FALSE
+  DEFINE TPM2_ENABLE             = FALSE
+  DEFINE TPM2_CONFIG_ENABLE      = FALSE
+
+  # has no effect unless TPM2_ENABLE == TRUE
+  DEFINE TPM1_ENABLE             = TRUE
diff --git a/OvmfPkg/OvmfTpmLibs.dsc.inc b/OvmfPkg/OvmfTpmLibs.dsc.inc
index 50100f2c0371..418747b13487 100644
--- a/OvmfPkg/OvmfTpmLibs.dsc.inc
+++ b/OvmfPkg/OvmfTpmLibs.dsc.inc
@@ -2,8 +2,10 @@
  #    SPDX-License-Identifier: BSD-2-Clause-Patent
  ##

-!if $(TPM_ENABLE) == TRUE

+!if $(TPM2_ENABLE) == TRUE
+!if $(TPM1_ENABLE) == TRUE
    Tpm12CommandLib|SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.inf
+!endif
    Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf
    
Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLib.inf
    
Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf
diff --git a/OvmfPkg/OvmfTpmLibsDxe.dsc.inc b/OvmfPkg/OvmfTpmLibsDxe.dsc.inc
index 67d5027abaea..1d66cdac778c 100644
--- a/OvmfPkg/OvmfTpmLibsDxe.dsc.inc
+++ b/OvmfPkg/OvmfTpmLibsDxe.dsc.inc
@@ -2,7 +2,9 @@
  #    SPDX-License-Identifier: BSD-2-Clause-Patent
  ##

-!if $(TPM_ENABLE) == TRUE

+!if $(TPM2_ENABLE) == TRUE
+!if $(TPM1_ENABLE) == TRUE
    Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf
+!endif
    Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf
  !endif
diff --git a/OvmfPkg/OvmfTpmLibsPeim.dsc.inc b/OvmfPkg/OvmfTpmLibsPeim.dsc.inc
index 4e84e3dcaaeb..03caccd7c688 100644
--- a/OvmfPkg/OvmfTpmLibsPeim.dsc.inc
+++ b/OvmfPkg/OvmfTpmLibsPeim.dsc.inc
@@ -2,8 +2,10 @@
  #    SPDX-License-Identifier: BSD-2-Clause-Patent
  ##

-!if $(TPM_ENABLE) == TRUE

+!if $(TPM2_ENABLE) == TRUE
    BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
+!if $(TPM1_ENABLE) == TRUE
    Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf
+!endif
    Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf
  !endif
diff --git a/OvmfPkg/OvmfTpmPcds.dsc.inc b/OvmfPkg/OvmfTpmPcds.dsc.inc
index 0e7f83c04bd7..0d55d6273702 100644
--- a/OvmfPkg/OvmfTpmPcds.dsc.inc
+++ b/OvmfPkg/OvmfTpmPcds.dsc.inc
@@ -2,6 +2,6 @@
  #    SPDX-License-Identifier: BSD-2-Clause-Patent
  ##

-!if $(TPM_ENABLE) == TRUE

+!if $(TPM2_ENABLE) == TRUE
    gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00, 0x00, 0x00, 
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}
  !endif
diff --git a/OvmfPkg/OvmfTpmPcdsHii.dsc.inc b/OvmfPkg/OvmfTpmPcdsHii.dsc.inc
index 164bc9c7fca0..a0aa81aedf3a 100644
--- a/OvmfPkg/OvmfTpmPcdsHii.dsc.inc
+++ b/OvmfPkg/OvmfTpmPcdsHii.dsc.inc
@@ -2,7 +2,7 @@
  #    SPDX-License-Identifier: BSD-2-Clause-Patent
  ##

-!if $(TPM_ENABLE) == TRUE && $(TPM_CONFIG_ENABLE) == TRUE

+!if $(TPM2_ENABLE) == TRUE && $(TPM2_CONFIG_ENABLE) == TRUE
    
gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x0|"1.3"|NV,BS
    
gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x8|3|NV,BS
  !endif
diff --git a/OvmfPkg/OvmfTpmSecurityStub.dsc.inc 
b/OvmfPkg/OvmfTpmSecurityStub.dsc.inc
index 4bd4066843ef..e9ab2fca7bc7 100644
--- a/OvmfPkg/OvmfTpmSecurityStub.dsc.inc
+++ b/OvmfPkg/OvmfTpmSecurityStub.dsc.inc
@@ -2,7 +2,9 @@
  #    SPDX-License-Identifier: BSD-2-Clause-Patent
  ##

-!if $(TPM_ENABLE) == TRUE

+!if $(TPM2_ENABLE) == TRUE
+!if $(TPM1_ENABLE) == TRUE
        NULL|SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf
+!endif
        NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf
  !endif
diff --git a/OvmfPkg/OvmfTpmDxe.fdf.inc b/OvmfPkg/OvmfTpmDxe.fdf.inc
index 9dcdaaf01c39..fa749726789a 100644
--- a/OvmfPkg/OvmfTpmDxe.fdf.inc
+++ b/OvmfPkg/OvmfTpmDxe.fdf.inc
@@ -2,11 +2,13 @@
  #    SPDX-License-Identifier: BSD-2-Clause-Patent
  ##

-!if $(TPM_ENABLE) == TRUE

+!if $(TPM2_ENABLE) == TRUE
+!if $(TPM1_ENABLE) == TRUE
  INF  SecurityPkg/Tcg/TcgDxe/TcgDxe.inf
+!endif
  INF  SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
  INF  SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf
-!if $(TPM_CONFIG_ENABLE) == TRUE
+!if $(TPM2_CONFIG_ENABLE) == TRUE
  INF  SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
  !endif
  !endif
diff --git a/OvmfPkg/OvmfTpmPei.fdf.inc b/OvmfPkg/OvmfTpmPei.fdf.inc
index 6380d7660d40..a4f0f80715d4 100644
--- a/OvmfPkg/OvmfTpmPei.fdf.inc
+++ b/OvmfPkg/OvmfTpmPei.fdf.inc
@@ -2,10 +2,14 @@
  #    SPDX-License-Identifier: BSD-2-Clause-Patent
  ##

-!if $(TPM_ENABLE) == TRUE

+!if $(TPM2_ENABLE) == TRUE
  INF  OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf
+!if $(TPM1_ENABLE) == TRUE
  INF  OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPeiCompat12.inf
  INF  SecurityPkg/Tcg/TcgPei/TcgPei.inf
+!else
+INF  OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf
+!endif
  INF  SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf
  INF  SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf
  !endif
diff --git a/OvmfPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml 
b/OvmfPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml
index 7117b86b8177..4a3c08029a5b 100644
--- a/OvmfPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml
+++ b/OvmfPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml
@@ -95,21 +95,21 @@ jobs:
            OVMF_IA32X64_FULL_DEBUG:
              Build.File: "$(package)/PlatformCI/PlatformBuild.py"
              Build.Arch: "IA32,X64"
-            Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_SMM_REQUIRE=1 
BLD_*_TPM_ENABLE=1 BLD_*_TPM_CONFIG_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 
BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1"
+            Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_SMM_REQUIRE=1 
BLD_*_TPM2_ENABLE=1 BLD_*_TPM2_CONFIG_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 
BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1"
              Build.Target: "DEBUG"
              Run.Flags: $(run_flags)
              Run: $(should_run)
            OVMF_IA32X64_FULL_RELEASE:
              Build.File: "$(package)/PlatformCI/PlatformBuild.py"
              Build.Arch: "IA32,X64"
-            Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_SMM_REQUIRE=1 
BLD_*_TPM_ENABLE=1 BLD_*_TPM_CONFIG_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 
BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1"
+            Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_SMM_REQUIRE=1 
BLD_*_TPM2_ENABLE=1 BLD_*_TPM2_CONFIG_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 
BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1"
              Build.Target: "RELEASE"
              Run.Flags: $(run_flags)
              Run: $(should_run)
            OVMF_IA32X64_FULL_NOOPT:
              Build.File: "$(package)/PlatformCI/PlatformBuild.py"
              Build.Arch: "IA32,X64"
-            Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_SMM_REQUIRE=1 
BLD_*_TPM_ENABLE=1 BLD_*_TPM_CONFIG_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 
BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1"
+            Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_SMM_REQUIRE=1 
BLD_*_TPM2_ENABLE=1 BLD_*_TPM2_CONFIG_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 
BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1"
              Build.Target: "NOOPT"
              Run.Flags: $(run_flags)
              Run: $(should_run)
diff --git a/OvmfPkg/PlatformCI/.azurepipelines/Windows-VS2019.yml 
b/OvmfPkg/PlatformCI/.azurepipelines/Windows-VS2019.yml
index 2e07a3d8893a..0e6f54c57cce 100644
--- a/OvmfPkg/PlatformCI/.azurepipelines/Windows-VS2019.yml
+++ b/OvmfPkg/PlatformCI/.azurepipelines/Windows-VS2019.yml
@@ -94,14 +94,14 @@ jobs:
            OVMF_IA32X64_FULL_DEBUG:
              Build.File: "$(package)/PlatformCI/PlatformBuild.py"
              Build.Arch: "IA32,X64"
-            Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_SMM_REQUIRE=1 
BLD_*_TPM_ENABLE=1 BLD_*_TPM_CONFIG_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 
BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1"
+            Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_SMM_REQUIRE=1 
BLD_*_TPM2_ENABLE=1 BLD_*_TPM2_CONFIG_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 
BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1"
              Build.Target: "DEBUG"
              Run.Flags: $(run_flags)
              Run: $(should_run)
            OVMF_IA32X64_FULL_RELEASE:
              Build.File: "$(package)/PlatformCI/PlatformBuild.py"
              Build.Arch: "IA32,X64"
-            Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_SMM_REQUIRE=1 
BLD_*_TPM_ENABLE=1 BLD_*_TPM_CONFIG_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 
BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1"
+            Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_SMM_REQUIRE=1 
BLD_*_TPM2_ENABLE=1 BLD_*_TPM2_CONFIG_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 
BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1"
              Build.Target: "RELEASE"
              Run.Flags: $(run_flags)
              Run: $(should_run)
@@ -112,7 +112,7 @@ jobs:
      #       OVMF_IA32X64_FULL_NOOPT:
      #         Build.File: "$(package)/PlatformCI/PlatformBuild.py"
      #         Build.Arch: "IA32,X64"
-    #         Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_SMM_REQUIRE=1 
BLD_*_TPM_ENABLE=1 BLD_*_TPM_CONFIG_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 
BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1"
+    #         Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_SMM_REQUIRE=1  
BLD_*_TPM2_ENABLE=1 BLD_*_TPM2_CONFIG_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 
BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1"
      #         Build.Target: "NOOPT"
      #         Run.Flags: $(run_flags)
      #         Run: $(should_run)
diff --git a/OvmfPkg/PlatformCI/ReadMe.md b/OvmfPkg/PlatformCI/ReadMe.md
index 2ce9007dbeaa..4b3ebe022dad 100644
--- a/OvmfPkg/PlatformCI/ReadMe.md
+++ b/OvmfPkg/PlatformCI/ReadMe.md
@@ -14,7 +14,7 @@ supported and are described below.
  | IA32                    | IA32               | OvmfPkgIa32.dsc     | None   
         |
  | X64                     | X64                | OvmfPkgIa64.dsc     | None   
         |
  | IA32 X64                | PEI-IA32 DXE-X64   | OvmfPkgIa32X64.dsc  | None   
         |
-| IA32 X64 Full           | PEI-IA32 DXE-X64   | OvmfPkgIa32X64.dsc  | 
SECURE_BOOT_ENABLE=1 SMM_REQUIRE=1 TPM_ENABLE=1 TPM_CONFIG_ENABLE=1 
NETWORK_TLS_ENABLE=1 NETWORK_IP6_ENABLE=1 NETWORK_HTTP_BOOT_ENABLE=1 |
+| IA32 X64 Full           | PEI-IA32 DXE-X64   | OvmfPkgIa32X64.dsc  | 
SECURE_BOOT_ENABLE=1 SMM_REQUIRE=1 TPM1_ENABLE=1 TPM2_ENABLE=1 
TPM2_CONFIG_ENABLE=1 NETWORK_TLS_ENABLE=1 NETWORK_IP6_ENABLE=1 
NETWORK_HTTP_BOOT_ENABLE=1 |

## EDK2 Developer environment



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#82461): https://edk2.groups.io/g/devel/message/82461
Mute This Topic: https://groups.io/mt/86487986/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH 3/4] OvmfPkg: rework TPM configuration

Reply via email to